Changing The Cloud Security Conversation

What are the pertinent questions banks should ask about security in the cloud?

1 of 5

Banks’ concerns about the security of running applications in the cloud have persisted, keeping many institutions from exploring and using public clouds. However, the cloud security conversation has shifted. It’s possible that under some circumstances there even may be improved security when operating in the cloud. What’s the cloud security reality right now? What kinds of questions should banks ask about cloud security, and are they focusing on the right issues and investments?

Peggy Bresnick Kendler has been a writer for 30 years. She has worked as an editor, publicist and school district technology coordinator. During the past decade, Bresnick Kendler has worked for UBM TechWeb on special financialservices technology-centered ... View Full Bio

Many cloud vendors are pouring a lot of resources into security. It's generally seen as the biggest barrier to adoption of their services. With all of that focus on security, the cloud vendors will probably get to the point where their services are the most secure on the market at some point. But we're probably not there yet.

That's a good point about reading the contract and making sure to find a cloud provider that fits the needs of a financial institution by Mr Neely. Making sure the right security is in place at all times is just as important as initially securing.

It's interesting that these experts are suggesting there may actually be MORE security in the cloud than in alternative/traditional environments. I'm sure that's somewhat oversimplified, but it does illustrate that execs need to put aside assumptions and preconceptions about these emerging models and objectively assess what strategies truly will support business and operational requirements.

Cloud services provide too much potential to completely ignore. Like Howie mentions, it's good that cloud vendors can obtain these various industry certificates, so banks can know how legitimate of a cloud vendor they are dealing with.